open, secure industrial automation · pdf fileopen, secure industrial automation systems glenn...
TRANSCRIPT
© 2017 WIND RIVER. ALL RIGHTS RESERVED.
OPEN, SECURE INDUSTRIAL
AUTOMATION SYSTEMS
Glenn Seiler
VP Product Management and Strategy
Software Defined Infrastructure BU
2 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
TOPICS
▪ Deployment and operational challenges for critical infrastructure
▪ How virtualization addresses these challenges
▪ Introduction to Wind River Titanium Control platform
▪ Business-level benefits
▪ Summary
3 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
EXAMPLE: REFINERIES AND POWER PLANTS
Key business goals
▪ Increase productivity while avoiding unplanned
downtime
▪ Modernize control systems and edge devices to
provide more flexibility and innovation
▪ Protect vital systems from security threats and
attacks
Challenges
▪ Upgrades in continuous 24x7 process operations
▪ Upgrading plant functions
▪ Outdated equipment can be vulnerable to attack
4 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
KEY CHALLENGES FOR CRITICAL INFRASTRUCTURE
▪ Industrial control systems installed since the 1980s present major
business challenges
– Increasing OPEX due to high maintenance and replacement costs plus a
dwindling pool of skilled technicians
– Limited flexibility resulting from sole-sourced solutions with proprietary
programming and operational models
– Outdated box-level security features with no provision for end-to-end threat
protection or dynamic updates
– Slow product lifecycles out of step with fast-moving IT and mobile
technologies
5 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
BENEFITS OF VIRTUALIZATION
▪ Level 1 through Level 3 control functions can be virtualized and consolidated onto standard
IT-class servers for significant CAPEX and OPEX savings
– Software-based digital controllers, PLCs, DCSs, SCADA software, HMIs, historians and applications
– Massive cost savings from software updates instead of high-cost replacements of physical equipment
– Differentiation through software without having to rip and replace proprietary hardware and software
▪ Open platforms for the development and deployment of flexible, interoperable applications
– Avoiding vendor lock-in and long development cycles inherent in traditional hardware-based solutions
▪ Best-in-class end-to-end network security and industrial automation security functions
– Leveraging best available firewalls, VPNs, intrusion prevention systems, etc., from leading IT vendors
– Dynamic updates in response to emerging threats
▪ Full support for ultra-low latency, deterministic networking and high availability
6 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
TITANIUM CONTROL ADDRESSES THE CHALLENGESReliability, Management, Performance, Scalability, Security, Open Standards
▪ Integrated software platform for
on-premise critical infrastructure
applications
▪ Addresses all the key challenges
for industrial-grade virtualization
and securityStandard Server(s)
Titanium
Control
Software
Control
Node(s)
Storage
Node(s)
Physical
Devices
Safety
SystemsDCS Analyzer
Wireless
GatewayPLCMonitoring
Industrial-Grade Networking
Compute Node(s)
Virtualized
Functions
(Level 1 - 3)
Virtual Machine
PLC
Virtual Machine
DCS
Virtual Machine
HIS
Virtual Machine
Other
7 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
Virtualized
Functions
(Level 1 - 3)
Titanium Control Software
Virtual Machine
PLC
Virtual Machine
DCS
Virtual Machine
HIS
Virtual Machine
Other
TITANIUM CONTROL ARCHITECTURE
Based on Industry-Standard Open Source Software
Real-Time Performance Enhancements to KVM Hypervisor
Secure, High-Reliability Accelerated Virtual Switch
Comprehensive Fault Management and VM Management
Industrial Grade Storage Cluster
Industrial Grade Networking
Full Support for Industry-Standard Guest Operating Systems
Standard Server(s)
Physical
Devices
Control Node(s)
Safety
SystemsDCS Analyzer
Wireless
GatewayPLCMonitoring
Industrial-Grade Networking
VM Management
Fault Management
Storage Node(s)
Industrial-Grade
Storage Cluster
Centralized or Local
Compute Node(s)
Industrial-Grade Hypervisor
Accelerated Virtual Switch
Hardened Linux
DPDK
8 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
Fully Scalable System-Level Architecture
Highly-Available
Edge Solution
Two servers
Compute
VM
Control
VM VM
Storage
1:1 protected pair
of servers
Compute
VM
Control
VM VM
Storage
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Control
Storage
Control
Storage
Frame-Level
Solution
4 –100 servers
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Control
Storage
Control
Storage
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Control
Storage
Control
Storage
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Control
Storage
Control
Storage
Large-Scale Data Center
Solution
Hundreds of servers
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Control
Control
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Compute
VM VM VM
Compute
VM VM VM
Top of Rack
Compute
VM VM VM
Top of Rack
Compute
VM VM VM
Control
Control
Multi-region cloud
Compute
VM
Control
VM VM
Storage
Minimum-Footprint
Edge Solution
Single server
9 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
Titanium Control: Reliability
▪ Titanium Control features:
– Six-nines (99.9999%) reliability at the platform level when running on two or more physical servers
– Automatic detection of failed controllers, hosts and VMs, with automatic recovery (60x faster than enterprise Linux)
– Live migration of VMs (including DPDK-based VMs) with less than 150ms outage time
– No unplanned downtime for software upgrades and patching, with full support for roll-backs
– Industrial-grade storage: volumes survive VM migrations, VM restarts, node failures etc.
▪ Fault tolerant to multiple software and hardware faults, with no single point of failure
▪ Six-nines (99.9999%) availability
▪ Minimal loss of service or data on failover
Industrial
Requirements
Detection of failed
VM in <500ms
Detection of failed
compute node in <1s
Recovery from control
node failure in <25s
Detection of network
link failure in <50ms
✓
10 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
▪ Support for remote platform monitoring, diagnostics and updates
▪ No unplanned downtime for hardware or software updates
▪ Integration with IT-based Level 4 / Level 5 management, orchestration and supervisory functions
Industrial
Requirements
Titanium Control: Management
▪ Titanium Control features:
– Simple installation and commissioning with installation wizard and no requirement for separate installer node
– Remote monitoring with sophisticated system alarms, analytics, performance management and fault management
– Hitless software upgrades and patching: no unplanned downtime
– Intelligent orchestrated patching engine accelerates system-wide patching
– Comprehensive system visibility and alarms
– Standard APIs for integration with Level 4 and Level 5 IT systems
✓
11 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
TITANIUM CONTROL: PERFORMANCE AND SCALABILITY
▪ Titanium Control features:
– Seamlessly scalable from single-server on-premise deployments to hundreds of servers in data center
environments
– Deterministic interrupt latency of 3µs
– Accelerated virtual switching: up to 40x performance of kernel-based vSwitches
– Dynamic scaling of VMs up/down and in/out based for optimum resource utilization
– Full support for real-time operating systems (RTOSs) in guest VMs
✓
12 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
Security is core to the platform
All Titanium Control Solutions
Compute
VM
Control
VM VM
Storage
Compute
VM
Control
VM VM
Storage
Titanium Control: Two Node
Configuration ideal for highly
available Edge solutions.
1:1 protected pair of Single Servers
Top Down
• Full Authentication control
• AAA
• Encryption
Bottom Up
• Silicon linked through EPA
• TPM, VTPM
• Encryption
• Secure Boot
Through/Across the system
• Integrated Measurement Architecture
• Transport Layer Security (TLS) with certificate storage in TPM hardware
• Isolation
✓
13 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
TITANIUM CONTROL: OPEN STANDARDS
▪ Titanium Control features:
– Based on open source software with patches contributed back to the community by Wind River
– Linux, KVM, OpenStack, Ceph and DPDK
– Support for industry-standard guest operating systems including Linux, VxWorks, Windows, etc.
– Titanium Cloud Ecosystem validations ensure compatibility with third-party software products
– Enterprise-class and COTS servers from multiple suppliers also validated through the ecosystem
Open standards eliminate the risk of vendor lock-in while enabling innovative third-party software products
14 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
▪ Reduce the cost and risk of replacing physical control devices
▪ Ensure end-to-end security for business operations and control
functions
▪ Reduce capital cost for new deployments and capacity
expansions
BUSINESS-LEVEL BENEFITS OF TITANIUM CONTROL
Maximize System-Wide
Return on Investment
Increase Value
Reduce Operational Costs
▪ Efficiently scale control systems to add capacity
▪ Accelerate the introduction of new functions and services
to optimize control processes
▪ Leverage the expertise of millennial programmers and
third-party software vendors
15 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
SUMMARY
▪ Virtualization enables critical infrastructure companies to slash their operational costs by deploying
secure, robust, flexible software-based solutions as alternatives to legacy, fixed-function hardware
▪ Industrial control systems installed since the 1980s present major business challenges
– Increasing OPEX due to high maintenance and replacement costs plus a dwindling pool of skilled technicians
– Limited flexibility resulting from sole-sourced solutions with proprietary programming and operational models
– Outdated box-level security features with no provision for end-to-end threat protection or dynamic updates
– Slow product lifecycles out of step with fast-moving IT and mobile technologies
▪ Wind River addresses these challenges through the open Titanium Control platform
– Virtualized software applications running on standard IT-class servers
– Six nines uptime and optimum asset utilization
– Best-in-class security and system level performance
– Architecture proven in telecom infrastructure with the first product launched in 2014 for
Network Functions Virtualization
™
16 © 2017 WIND RIVER. ALL RIGHTS RESERVED.